<meta charset="utf-8">
<script type="text/javascript">
var OutsiteWhiteList = ['share.baidu.com','analyzis.google.com'];

function get_reg(keyword){
    var str='(';
    for(var i in keyword){
        str+=keyword[i]+"|";
    }

    return str.slice(0,-1)+')';
}

function outsite_test(script_src){
    var script_host=script_src.match(/(http:\/\/|https:\/\/)?(\S*?)\//)[2];	//script对应的host
    var white_list=new RegExp(get_reg(OutsiteWhiteList),"i");				//白名单匹配正则表达式
    if(white_list.test(script_host)){
    	//return false;
    	console.log('白名单，pass');
    }
    else{
    	console.warn('检测到跨站脚本 '+script_src);
    }
    
    return true;
}

outsite_test('share.baidu.com/a.js')
outsite_test('hack.com/a.js')
</script>
